﻿Imports LinhKienMayTinh.CommonMethods
Imports System.Security.Cryptography

Public Class Logon
    Inherits BasePage

#Region "Khai báo các biến toàn cục"

#End Region

#Region "Khai báo các event"

    ''' <summary>
    ''' Page_Load
    ''' </summary>
    ''' <param name="sender"></param>
    ''' <param name="e"></param>
    ''' <remarks></remarks>
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
        Try
            If IsNothing(Session(CommonConstants.C_USERNAME)) = False Then
                If IsNothing(Request.QueryString("do")) = False Then
                    If CStr(Request.QueryString("do")) = "logout" Then
                        Me.Logout()
                        Response.Redirect("~/logon/logon.aspx")
                    End If
                End If
                Response.Redirect("~/Admin/HomePageEdit.aspx", False)
                Exit Sub
            End If
            If IsPostBack Then                
                If IsUserExist() = True Then
                    Session(CommonConstants.C_USERNAME) = Me.txtUsername.Text
                    If Session(CommonConstants.PREVIOUS_LINK) IsNot Nothing AndAlso Session(CommonConstants.PREVIOUS_LINK) <> String.Empty Then
                        Response.Redirect(Session(CommonConstants.PREVIOUS_LINK), False)
                        Exit Sub
                    End If
                    Response.Redirect("~/Admin/HomePageEdit.aspx", False)
                    Exit Sub
                Else
                    Me.lbErrorSumary.Text = "ID hoặc password không đúng."
                End If
            End If
        Catch ex As Exception
            Server.Transfer("~/Pages/Error.aspx")
        End Try

    End Sub
#End Region

#Region "Khai báo các function method"

    ''' <summary>
    ''' logout
    ''' </summary>
    ''' <remarks></remarks>
    Protected Overridable Sub Logout()

        Session.Remove(CommonConstants.C_USERNAME)

    End Sub

    ''' <summary>
    ''' Kiểm tra account có tồn tại hay không
    ''' </summary>
    ''' <returns></returns>
    ''' <remarks></remarks>
    Protected Overridable Function IsUserExist() As Boolean
        Dim xSql As String
        Dim da As DBAccess
        Dim ds As DataSet
        Dim script As MD5 = MD5CryptoServiceProvider.Create()

        Try
            da = GetDBAccess()

            xSql = "SELECT * FROM T_USER WHERE USERNAME = '@USERNAME' AND PASSWORD = CONVERT(VARCHAR(40), HashBytes('MD5', '@PASSWORD'), 2)"
            xSql = Replace(xSql, "@USERNAME", ToSqlStr(Me.txtUsername.Text, SqlDataType.DataType_String, False))
            xSql = Replace(xSql, "@PASSWORD", ToSqlStr(Me.txtPassword.Text, SqlDataType.DataType_String, False))
            ds = da.GetDBDataset(xSql)
            If ds.Tables(0).Rows.Count < 1 Then
                Return False
            End If

            Return True
        Catch ex As Exception
            Throw
        End Try
    End Function

#End Region

End Class